<?php
/**
 * This file is accessed through JavaScript and executes code on the server side (AJAX).
 * User related functionality.
 * @author Siim Loog
 */

session_start();
require_once 'init.php';


 
	if ( isset($_GET['action'])) {
		switch( $_GET['action'] ) {
			
		// Returns the login area.
			case 'getLoginArea':
				echo $site->fetch( 'User/logIn.html' );
				break;
			
			// Returns the register area.
			case 'getRegisterArea':
				echo $site->fetch( 'User/register.html' );
				break;
			
			// Logs in the user.
			case 'logIn':
				$matrikkel = addslashes(trim($_GET['matrikkel']));
				$password = addslashes(trim($_GET['password']));
				
				$user = User::logIn( $sql, $matrikkel, $password );
				if($user) {
					if( $user->aktiivne == 1 ) {
						$_SESSION['userId'] = $user->id;
						$site->assign( 'user', $user );
		
						echo $site->fetch( 'User/loggedIn.html' );
		
		
					} else {
						echo 'Deaktiveeritud';
					}
				} else {
				 	echo 'Error';
				}
				break;
			
			// Logs out the user.
			case 'logOut':
				$_SESSION = array();
				echo $site->fetch( 'User/loggedOut.html' );
				break;
		
			// Returns the password changing areas html.
			case 'getPasswordArea':
				$id = addslashes(trim($_GET['userId']));
				echo $site->fetch( 'User/password.html' );
				echo '<p>
						<button onclick="changePassword('.$id.');" class="userEditButton">Muuda parooli</button>
					</p>';
				break;
			
		
	}
	} else if(isset($_POST['action'])){
		switch( $_POST['action'] ) {
		
			// Registers a user.
			case 'register':
				$matrikkel = addslashes(trim($_POST['matrikkel']));
				$hash = addslashes(trim($_POST['password']));
				$ruhm = addslashes(trim($_POST['ruhm']));
				$eesnimi = addslashes(trim($_POST['eesnimi']));
				$perenimi = addslashes(trim($_POST['perenimi']));
				$result = User::insert( $sql, $matrikkel, $hash, $ruhm, $eesnimi, $perenimi);
				if( $result) {
					echo "Olete registreerunud";
				} else {
					echo 'Error';
				}
				break;
		
			// Edits users data.
			case 'editUserData':
				
				if(!isset($_SESSION['oppejoud'])){
					exit;
				}
				$id = addslashes(trim($_POST['idkasutaja']));
				$matrikkel = addslashes(trim($_POST['matrikkel']));
				$ruhm = addslashes(trim($_POST['ruhm']));
				$eesnimi = addslashes(trim($_POST['eesnimi']));
				$perenimi = addslashes(trim($_POST['perenimi']));
				if(User::editUserData($sql, $id, $matrikkel, $ruhm, $eesnimi, $perenimi)){
					echo "Andmed uuendatud";
				} else echo "Viga. andmeid ei uuendatud";
				
				break;
				
			// deactivates user.
			case 'deActivateUser':
				if(!isset($_SESSION['oppejoud'])){
					exit;
				}
				$id = addslashes(trim($_POST['idkasutaja']));
				$response = User::deActivate($sql, $id);
				echo "Deaktiveeritud";
				
				if($response){
					echo "Deaktiveeritud";
				} else echo "Viga";
				
				break;
				
			// deactivates user.
			case 'activateUser':
				if(!isset($_SESSION['oppejoud'])){
					exit;
				}
				$id = addslashes(trim($_POST['idkasutaja']));
				$response = User::activate($sql, $id);
				echo "Aktiveeritud";
				
				if($response){
					echo "Aktiveeritud";
				} else echo "Viga";
				
				break;
				
			// deactivates user.
			case 'deleteUser':
				if(!isset($_SESSION['oppejoud'])){
					exit;
				}
				$id = $_POST['idkasutaja'];
				$response = User::deleteUser($sql, $id);
				if($response){
					echo "OK";
				} else echo "Viga";
				break;
				
				// deactivates user.
			case 'changePassword':
				if(!isset($_SESSION['oppejoud'])){
					exit;
				}
				$id = $_POST['userId'];
				$hash = $_POST['password'];
				$response = User::changePassword($sql, $id, $hash);
				if($response){
					echo "OK";
				} else echo "Viga";
				break;
				
				
		
	}
	} else exit;





?>
